CVE-2023-31410

The CVE concerns the SICK EventCam App where communications lack TLS, enabling potential Man-In-The-Middle eavesdropping and disclosure of sensitive data. The primary affected component is the EventCam App’s communication channel with clients; root cause is absence of encryption in transit. Publi...

CVE-2023-31410

A remote unprivileged attacker can intercept the communication via e.g. Man-In-The-Middle, due to the absence of Transport Layer Security TLS in the SICK EventCam App. This lack of encryption in the communication channel can lead to the unauthorized disclosure of sensitive information. The attack...

Vulnerabilities in SICK EventCam App

SICK discovered vulnerabilities in the SICK EventCam App, that can be accessed via Ethernet. If exploited, this potentially allows a remote unauthenticated attacker to impact availabiltiy, integrity and confidentaility of the EventCam App. SICK recommends making sure to run the product in a secur...

PT-2023-23304 · Sick · Sick Eventcam App

Name of the Vulnerable Software and Affected Versions: SICK EventCam App affected versions not specified Description: A remote unprivileged attacker can intercept communication via Man-In-The-Middle attacks due to the absence of Transport Layer Security TLS in the app. This lack of encryption can...

SICK EventCam 访问控制错误漏洞

SICK EventCam is an industrial photoelectric sensor from SICK. A security vulnerability exists in SICK EventCam that stems from a lack of API authentication, allowing an attacker to modify and access configuration settings on the program...

SICK EventCam 安全漏洞

SICK EventCam is an industrial photoelectric sensor from SICK. A security vulnerability exists in SICK EventCam, which stems from a lack of encryption in the communication channel, resulting in the disclosure of sensitive information. The vulnerability can be exploited by an attacker to eavesdrop...